Message authentication
First Claim
1. A method for the authenticated transmission of messages, comprising the following communication setup steps:
generating a login key by a keyed-hashing method on the basis of random data, temporal validity information, and a private key;
transmitting the login key from an originator to a destination; and
verifying the authenticity and the temporal validity of the login key on the basis of the keyed-hashing digest on the destination side;
and comprising the following acknowledgement steps:
generating an acknowledgement key by a keyed-hashing method on the basis of second random data and the private key, wherein the acknowledgement key includes a time stamp;
transmitting the acknowledgement key from the destination to the originator; and
verifying the acknowledgement key by the originator, including checking, on the basis of the time stamp and the previously stored temporal validity information, whether the acknowledgement key is still valid,
wherein the keyed-hashing technique uses random data that is stored by the destination in a table during the temporal validity of the login key.
Abstract
For the authentication of messages communicated in a distributed system from an originator to a destination, a keyed-hashing technique is used according to which the data to be authenticated is concatenated with a private (secret) key and then processed by a cryptographic hash function. The data is transmitted together with the digest of the hash function from the originator to the destination. The data comprises temporal validity information representing the temporal validity of the data. The setup key of a communication, for example, is therefore only valid within a given time interval that is dynamically defined by the communication originator. After the time interval has elapsed the setup key is invalid and cannot be reused.
7 Claims
1. (Independent claim, reproduced above under First Claim; dependent claims 2, 3, 4, 6 and 7 are not reproduced on this page.)
5. A distributed system for the authenticated transmission of messages, comprising:
an originator designed to generate a login key by a keyed-hashing method on the basis of random data, temporal validity information and a private key, wherein the login key includes a keyed-hashing digest; and
a network for transmitting the login key from the originator to a destination, wherein the destination is designed to verify the authenticity and the temporal validity of the login key on the basis of the keyed-hashing digest;
wherein the destination is designed to generate an acknowledgement key by a keyed-hashing method on the basis of second random data and the private key and to transmit the acknowledgement key to the originator, and the acknowledgement key includes a time stamp;
the originator is designed to verify the acknowledgement key, including checking on the basis of the time stamp and the previously stored temporal validity information whether the acknowledgement key is still valid; and
the keyed-hashing technique uses random data that is stored by the destination in a table during the temporal validity of the login key.
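The setup and acknowledgement exchange that claims 1 and 5 (and the abstract) describe, worked through in Python as an added example; this is not code from the patent or its assignee. It assumes HMAC-SHA256 as the keyed-hashing function, 16 bytes of random data, a validity window encoded as two big-endian 64-bit time fields, a time stamp encoded the same way, and a caller-supplied clock so the expiry cases are reproducible. The shared key and the times are constructed test values.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import struct

NONCE_LEN = 16                       # assumption: 16 bytes of random data per key
VALIDITY_LEN = 16                    # two big-endian uint64: not_before, not_after
TS_LEN = 8                           # one big-endian uint64 time stamp
DIGEST_LEN = hashlib.sha256().digest_size


def keyed_digest(key: bytes, *fields: bytes) -> bytes:
    """Keyed hashing over a sequence of fields (HMAC-SHA256, an assumption).
    Each field is length-prefixed so that field boundaries are unambiguous."""
    msg = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Originator:
    """Generates the login key and later verifies the acknowledgement key."""

    def __init__(self, private_key: bytes):
        self.private_key = private_key
        self.validity = None         # (not_before, not_after), kept for the ack check

    def make_login_key(self, now: int, lifetime: int, nonce: bytes | None = None) -> bytes:
        nonce = nonce if nonce is not None else os.urandom(NONCE_LEN)
        self.validity = (now, now + lifetime)           # interval chosen by the originator
        validity = struct.pack(">QQ", *self.validity)
        return nonce + validity + keyed_digest(self.private_key, nonce, validity)

    def verify_ack_key(self, ack_key: bytes) -> tuple[bool, str]:
        if self.validity is None or len(ack_key) != NONCE_LEN + TS_LEN + DIGEST_LEN:
            return False, "malformed"
        nonce2 = ack_key[:NONCE_LEN]
        ts = ack_key[NONCE_LEN:NONCE_LEN + TS_LEN]
        digest = ack_key[NONCE_LEN + TS_LEN:]
        if not hmac.compare_digest(digest, keyed_digest(self.private_key, nonce2, ts)):
            return False, "bad digest"
        (stamp,) = struct.unpack(">Q", ts)
        not_before, not_after = self.validity
        if not not_before <= stamp <= not_after:        # time stamp vs stored validity
            return False, "ack outside validity"
        return True, "ok"


class Destination:
    """Verifies login keys, keeps their random data in a table, issues ack keys."""

    def __init__(self, private_key: bytes):
        self.private_key = private_key
        self.table: dict[bytes, int] = {}               # nonce -> not_after

    def verify_login_key(self, login_key: bytes, now: int) -> tuple[bool, str]:
        if len(login_key) != NONCE_LEN + VALIDITY_LEN + DIGEST_LEN:
            return False, "malformed"
        nonce = login_key[:NONCE_LEN]
        validity = login_key[NONCE_LEN:NONCE_LEN + VALIDITY_LEN]
        digest = login_key[NONCE_LEN + VALIDITY_LEN:]
        # Authenticity first: never act on the validity fields before the digest checks out.
        if not hmac.compare_digest(digest, keyed_digest(self.private_key, nonce, validity)):
            return False, "bad digest"
        not_before, not_after = struct.unpack(">QQ", validity)
        if not not_before <= now <= not_after:
            return False, "outside validity"
        # Entries are kept only during the login key's validity; a nonce seen again
        # inside that window is a replay.
        self.table = {n: t for n, t in self.table.items() if t >= now}
        if nonce in self.table:
            return False, "replay"
        self.table[nonce] = not_after
        return True, "ok"

    def make_ack_key(self, now: int, nonce2: bytes | None = None) -> bytes:
        nonce2 = nonce2 if nonce2 is not None else os.urandom(NONCE_LEN)
        ts = struct.pack(">Q", now)
        return nonce2 + ts + keyed_digest(self.private_key, nonce2, ts)


SHARED_KEY = b"constructed-example-secret-key"         # constructed test value


def run_exchange() -> dict[str, tuple[bool, str]]:
    """One full setup + acknowledgement round trip, plus the failure cases."""
    originator = Originator(SHARED_KEY)
    destination = Destination(SHARED_KEY)
    login_key = originator.make_login_key(now=1_000, lifetime=60)   # valid 1000..1060

    results = {}
    results["login"] = destination.verify_login_key(login_key, now=1_010)
    results["replay"] = destination.verify_login_key(login_key, now=1_020)
    results["expired"] = destination.verify_login_key(login_key, now=1_100)
    tampered = login_key[:-1] + bytes([login_key[-1] ^ 0x01])
    results["tampered"] = destination.verify_login_key(tampered, now=1_010)
    results["wrong key"] = Destination(b"other-key").verify_login_key(login_key, now=1_010)

    results["ack"] = originator.verify_ack_key(destination.make_ack_key(now=1_010))
    results["stale ack"] = originator.verify_ack_key(destination.make_ack_key(now=1_100))
    return results


if __name__ == "__main__":
    for name, (accepted, reason) in run_exchange().items():
        print(f"{name:10s} {'accepted' if accepted else 'rejected'} ({reason})")
```

Two design points worth noting. The abstract describes concatenating the data with the secret key and hashing the result; the example uses HMAC instead of a raw H(key || data) digest because, with Merkle-Damgard hashes such as SHA-256, a secret-prefix construction is vulnerable to length extension. Second, the nonce table only bounds replay if the validity check runs before the table insert and expired entries are purged; otherwise an expired login key could still consume table entries, or a purged nonce could be replayed inside its window.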
Specification